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REMARKS 

L Introduction 

In response to the Office Action dated October 6, 2003, please consider the 
following remarks. Qainis 1-8 and 10-19 remain in the application, Re-exaniinatLon and re- 
consideration of the application, as amended, is requested. 

II' ITie Gted References and the Subject Invention 
A- The Benson Reference 

European patent applications EP 0 936 530 (hereinafcer the Benson lefercnce) 
discloses a virtual smart card. Ihe viruai smart card emulates a real smart card by providing 
ideniica] interface and services. The virtual smartcaid has no physical manifestation and any 
smartcard- aware application can seamlessly interface with either a real smaitcard or the 
Virtual smartcaixL A virtual smarccard server or duplication-protected physical media 
communicates with the virtual smartcard in order to activate or deactivate the virtual 
smartcaid. 

B. The Gabrielle Reference 

''USB Forum Produces Logo, Awareness Initiative" by Gabrielle C Mitchell, 
Computer Retail Week 1997, n- 192, pg, 49 (hereinafter, the Benson reference) is a news 
story about the tise of USB-compliaxiT devices. 

G The Subject Invention 

The Applicants* invention is a compact, self-contained, personal key. The personal 
key comprises a USB-compliant interface releaseably coupleable to a host processing 
device operating under command of an operating system. Importantly, the token 
comprises (1) a smartcard processor having a smartcard processor-compliant interface for 
communicating accordmg to a smartcard input and output protocol, and (2) an interface 
processor implementing a translation module for interpreting USB-compliant messages 
into smartcard processor-compliant messages and for interpreting smartcard processor- 
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compliant messages into USB-coinpliant messages. These features provide specific 
advantages described in the Applicants' specification: 

First, smarccord processors 320 are rebtively inexpensive and readily available. Second, a large 
number of application piograms 110 have been developed for the use of smarrcards, includliig the 
pereonal computer/ smancard (pC/SQ interface developed by the MICROSOFT CORPORATION. 
By providing a smartcard processor (^ich complies with die smartcard 1/ O protocols and supports 
smartcard command sets), this software can be used with a personal tey 300 in a USB-compliani form 
factor. (Specificaiion, page 10, lines 1-7) 

E, Differt»nces Beiween the Subject Invention and die Qred References 
The Benson reference discloses a virtual smartcard, i,e. scfrmtre^ running on a general 
purpose processor, that emidates the behavior of a smarccard. The Applicants' invendon, m 
contrast, uses a p/^tfica/ smartcard processor. 

The Applicants' invention translates smartcanJ commands to USB paclsets (on the 
computer) and rranslares the received USB packets back to smartcard commands in the 
token. The virtual smartcard (VSQ disclosed in die Benson reference does not send 
commands at all ... it receives smartcard commands arid executes them using a software 
emulation. 

The VSC reader described in the Benson reference does not package or tianslaie 
smartcard commands, it merely forwards them unchanged to the VSC software. The 
Applicants* virtual reader packages smartcard commands to a USB format and sends them to 
die USB token, where the commands are unpacked and executed by a real smartcard 
processor. 

With the foregoing differences in mind, the Applicants respectfully request that the 
following remarks be considered. 

III. Office Action Prior Art Rejections 

In paragraphs the Office Acrion rejected claims 1-19 under 35 U.S.C § 103(a) 

as unpatentable over Benson, EP 0936530 (Benson) in view of Gabrielle, "USB Forum 
Produces Logo, Awareness Iniriatives, 1997, QDmputer Retail Week, n 192, pg49" 
(Gabrielle). Applicants respectfully traverse these rejections. 

With Respect to Clnim 1 : Qaim 1 recites: 

a smtrtmnip)X)aesscrhaw^a srmrtiimipTVt^sor-ccfTpliarit irueifaca fcrammrdcatir^ 
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an y^cusprocessor, oorrjnwnmti'idy<x)upled USB-wrrpliant irttetfac£ and to 
STTmtairdpTtxessor'COrrpliajTt intetface the im^amprooessar inplementiT^a trarslatian nrdukfor 
irOerpretijig USB-conpliant vrssa^ into simrtamipwos^cfr-impliarit wessa^ ardjur 
2nte?prEi2rigsmtttczrd procEssor-amplumt rressagp imo USB-conpliant ttessu^. 

According to che Office Acuon, the Benson reference discloses a token having a 

smart card processor as follows: 

As opposed to a physical smart card reader, a virtual smartcard reader 5 is virtual hardware 
acdng as on emulator chat passes infonnauon lo and from a Virtual Smart Card 6. Additionally, the 
Vircual Smart Card Reader 5 communicates 'ffith a Virtual Smart Card Server 8 (VSC Server) via a 
network/, e.g., an Incnmct, Extranet, or the Internet. (coL 6, lines 38-45) 

The VSC Server 8 stores all protected information in its database (encrypted usbg the 
respecdve protcaion keys) . When a Wtual Smart Card owner inserts a Virtual Smart Card 6, the 
VSC server 8 downloads the protected infortnation; and when the owner removes a Vircual Smart 
Gud 6, the Virtual Snoan Card 6 tipbads the updated protected information to the VSC Server 8. (col. 
6, line 38 through col. 7, line 5) 

The Applicants respectfully disagree. The foregoing passages do not disclose a 
personal token having a smartcard processor, but radier, a Viraial Smart Card (VSQ, which 
is essentially a smartcard emulator. TTie Gabrielle reference likewise falk to disclose a token 
having a smartcard processor. On this basis alone, the rejection under 35 US.C § 103(a) is 
improper and should be withdrawn. 

The Benson reference likewise faib to disclose the token's interface processor and 
translation module, which interprets USB-compliant messages into smartcard processor- 
compliant messages and interprets smartcard-conipHant messages into USB-compIiant 
messages. According to the Office Action, the Benson discloses these features as follows: 



The VSC Server then permits the owner to use the Virtual Smart Card, When the Virtual 
Smart Card owner performs a remove operation, the Virtual Smart dxd disables itself, securely sends 
a remove request to the VSC Server, and dien shuts itself down. When the VSC Server receives a 
remove request, die VSC Server resets the Virtual Smart Card's state in the database to be idle. 

An alternative to the communication between the Virtual Sman Card and the Virtual Smart 
Card Server is presented in claim 10. The Virmal Smart Card Reader communicates with a dongle (or 
some other duplicadon-prtjtecicd physical media). A duplication protected ph>sical media has the 
property that it is exceedingly difficult for an unauthorized attaclter to construct a copy of the m^Hla 
The Virtual Smart Card is a copyprotected program that executes only if permitted by the Dongle. If 
die end- user attaches the Dongle to the machine, then the Vircual Smart Cird executes; otherwise, the 
Virtual Smart Card stops. (coL 4, lines 4-23). 
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Insert 104: The end-user attaches die dongle 1101 and boois ibe Virtual Snurt Card 6 program. Hic 
Vircual Smart Card 6 program docs not operate unless the Virtual Smart Card 6 program can validate 
that the Dongjc 1101 is present. The state of the Vircual Smart Card 6 is in- use 102 after the Virtual 
Smarc Card 6 detects the Dongle 1 101. This state is not explicidy recorded as in the case with the 
VSC Server 8. (coL 24, lines 8-16). 

The foregoing describes the interaction between a the Virtual Smart Card and the 
Virrual Server (orj in coL 24, a Dongle), It does not describe a token with an interface 
processor, and does not describe an entity that is coupled between a smarccard processor 
and a USB-compliant interface, and does not describe any enrity that interprets USB- 
compliant messages into smartcard-compliant messages or smartcard-compliant messages to 
USB-compliant messages. The Gabrielle reference is likewise deficient 

The Applicants also respectfully disagree that there is any teaching to combine the 
Benson and Gabrielle references. Although, the Office Action indicates that the USB- 
compliant interface can transfer data quicker than a serial or parallel port, Benson teaches 
that the Virtual Smart Card and the Virtual Smart Card Server are performed via a network, 
an Intranet, Extranet, or the Internet (see col, 6, lines 43-45) all of which offer qiricker data 
transfer than a USB-compliant interface. 

Arcordingly, the Applicants respectfully traverse the rejecrion of claim 1. 

With Respect to Qaim 2 : Qaim 2 recites: 

„,7ihejvin the mtejfiwe processor erriMlates asrrmtcmdimderto the smzrtozrdproossor. 

According to the Office Action, Benson discloses that the interface processor 

emulates a smarccard reader to the sxnartcard processor as follows: 

The invention presents a bridge technology called Vircual Smart Card which emxalaies a real smart 
card byproviding an identical Interface and collection of services. However^ the Vtnual Smart 
Card has no phys ical manifestation. Any smart card-aware application can seamlessly inter-opcratc 
wh either a real smart card or a Virtual Sman Card. (coL 3 , lines 22-28, emphasis added) 



and 



The Virtual Smart Card Reader communicates with a Dongle (or some other duplication-protected 
physical media), A duplicadonrprotecced physical media has the properry diai it is exceedingly 
difficult for an unauthorized attacker to constmct a copy of the media. Tlie Virtual Sman Card is a 
copyprotected program that executes only if permitted by the Dongle. If die end- user attaches the 
Don^e to the machine, then the Virtual Smart Card executes; oihenvise, the Virtual Smart Card 
stops, (col. 4, lines 1-4-23) 
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and 

As opposed ro a physical smart card reader, a Vinual Smart Gird Reader 5 is a virtual hardware acting 
as an emulawr ihat passes information to and from a Virtual Smart Card 6, Addicicnally, the Virtual 
Smart Card Reader 5 communicates xvith a Virtual Smart Card Server 8 (VSC Ser\^er) via a network 7, 
e.g. an Intwinet, Extranet^ or the Imemet. (coL 6, lines 38-44) 

However, the VSC Reader disclosed above merely forwards emulated smart card 
messages unchanged to the VSC Server ... it does nor "interpret USB-compIiant messages 
into smartcard processor-compliant messages and for interpreting smartcaid processor- 
compliant messages into USB-complxant messages", as claim 2 recites. Accordingly, the 
Applicants respectfully traverse the rejection of claim 2. 

\X/ith Respect to Qaim 3 : Qaim 3 recites that: 

lheh(£tprrxes$ir^ckujoscDirpm irdudinga 
€omj7]^£mmon rmMe firpadzagng n^sa^ for tnmsrmsian to ihpenond token va the USB 
(xsipli:tr2t imeififce aCDC^ reomedjkmthe 
personal token da ihe USB-ccmpliant intsrfcuE aaurdirjg to ihe Jhstprotocxi; and 

the irtteifajoe -processor troTslation TTJxMe wpadsa^ mssa^ from ihe best prooEssitig 
ckike aamdng to the first protocol andpadza^ nessa^ dsstmedfor the hcstpnxEssir^ ckike 
aax:(nhtgtotheJmtpratoocL 

According to the Office Action, the Benson reference discloses a virtual smartcaid 
reader. The Office Action concedes that the Benson reference does not disclose a 
"communication module for packaging messages for transmission to the personal token via 
the compliant interface according to a first protocol" but asserts that this commtmication 
module is inherendy disclosed. 

The Applicants respectfully disagree. Benson's Virtual Smart Card Reader interfaces 
diiBcdy with the Virtual Smart Card. Since both the reader and the smart card itself emulate 
smanrard processes and messages, there is no reason whatsoever for any sort of traxislation 
or packaging. 

Inherency "may not be established by probabilities or possibilities. The mere fact 
that a certain thing may result from a given set of circumstances is not sufficient " Conttrmal 
QtnQxv Monsanto Ga, 948 F^d 1264, l269(Fed. Or. 1991). Instead, to establish inherency, 
the extrinsic evidence "must make clear that the missing descriptive matter is necessarily 
present in the thing described in the reference, and that it would be so recognized by 
persons of ordinary skill" Continentd Cm Qi, 948 F.2d at 1268. 
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Because there is no reason to include the functionality that the Office Action asserts 
is inherently disclosed, the Benson reference cannot inherendy disclose the feanires of claim 
3. Accordingly, the Applicants respectfully traverse the rejection of claim 3. 

\^th Respect to Qaims 4 and 10 : Qaim 4 recites that the virtual smartcard reader 
comprises a bootup module for responding to operating system bootup procedures with an 
indication that a smancard reader is communicatively coupled to the host processor. 
According to the Office Action, relying on the following text passage, contends that this is 
inherendy disclosed: 

Ifista 104: The end- user attaches the Dongle 1101 and boots the Vurual Smarc Card 6 program, lie 
Vircual Smarc Card 6 prognim docs not operate meIcss the \^Iitual Smart Card 6 program can vaKdaie 
that the Dongle 1101 is present. The state of the Virtual Smart Card 6 is inruse 102 after the Vurual 
Smart Card 6 detects the Dongle 1101. This state is nor explicidy recorded as in the case with die 
VSC Server 8. (col. 24. lines 8- 16) 

All the foregoing discloses, hoover, is a boomp procedure for usir^ the smartcard 
emulation (running on the user's computer) with a dongle. This does not suggest, even 
inherendy, a bootup module, running in the host processing device (analogous to the VSC 
Server). Accordingly, the Applicants respectfully traverse the rejection of claim 4. 

Qaim 10 recites analogous features as claim 4 and is paienuble for the same reasons. 

Re garding claims 6, 12. and 17 : Qaim 6 recites that the virtual smartcard reader 
(running in the host processing device) comprises a reporting modLile for receiving and 
reporting the insertion of the personal token in a USB-compliant port and the removal of 
the personal token as a removal of a smartcard f rc>m a sn:iancard reader. According to the 
Office Action, Benson discloses these features as follow: 

Insert 104: The end-user maches the Dongle 1101 and boots the Virtual Srtwn Card 6 program- The 
Virrual Smart Card 6 program does not operate unless the Vinnal Sman Card 6 program can validate 
xhai ihe Dongje 1101 is present. The state of the Virtual Smart Card 6 is in-usc 102 after the Vircuai 
Smarc Card 6 detects the Dongle 1101. This state is not explicidy recorded as in the case with the 
VSC Server 8. (coL 24, lines &-16) 

At anytime after successfully performing an inserc operation^ a Virtual Smart Card 6 niay perform the 
remove operadon (using the proteacd channel established during the insert operadon). First, the 
Virtual Smart Card 6 disables itself by refusing all requests for services. Next, the Vinual Smart Card 
6 sends a remove request xo ihe VSC Server * which uploads die protected information (encrypted 
using die protection l<e>^. Upon receipt of a remove request, the VSC Server 8 resets its 
corresponding database enuy to idle and teiums a success acknoNJ^edgement, Next, the Virtual Smart 
. Card 6 unlocks the local machine lock, zeros out the protected information, and shuts Itself down, 
(col. 13, lines 41^53) 
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Instead of communicating with the Virtual Smart Card Server 8, the Virtual Smajx Caixl Reader 5 
communicates with duplicatioi>protected physical media, e.g., aDonglc 1101. (col. 23, lines 34-37) 

Remove 105: The Donglc 1101 fails to authorize the Vimial Sman Card 6. For example, the endr 
user either removes dae dongle 1101» or the Virtual Smart Card 6 shuts do^. The state is idle 101 
after the Donglc 1101 is removed, (col. 24, lines 18-22). 

From what die Applicants can ascertain, nothing in the foregoing passage discbses a 
virtual simitcard reader having a reporting module reporting the insertbn of the personal 
token in USB in a USB-complianr port and the removal of the personal tolffin as a removal 
of a smancard from a smartcard reader. At best, the foregoing independently describes a 
Virtual smartcard performing remove operations and sending remove requests, and that the 
Virtual Smart Card shuts down if the user removes the dongle. Claim 12 is patentable for the 
same reasons. Accordingly, the Applicants traverse the rejection of claims 6 and 12. 

Regarding Qaims 7, 13, and 18 : Claim 7 recites that "Ae zirtual srrmtmrd reader junher 

syswmandpmdcb^aPTS -response ?nessaff tolhecpemwigsy^m " Accordir^ to the Office 
Action, Benson inherendy discloses this feature because "the virtual simrc card can be 
inserted into different machines." Inherency **may not be established by probabihties or 
possibiliries. The mere fact that a certain thing may result from a given set of circumstances 
is not sufficient" Omn&od CmQxv Mamano Ga. 948 F.2d 1264, 1269(Fed. Gr. 1991). 
Instead^ to establish inherency, the extrinsic evidence "must make clear that the missing 
descriptive matter is necessarily present in the thing described in the reference, and that it 
would be so recognized by persons of ordinary skill." Commemd Can Ox, 948 F.2d at 1268. 
No such sho^wir^ is possible because the "virtual smart card" Is in fact, a software program, 
running on the user's computer, and is not "inserted into different machines" as the Office 
Action st^ests. 

Regarding Ckim 8 : Qaim 8 recites: 

a ztrimls77wr<md reach 7?jx&de stored 

cpenziing 

syslenijbremdatirjgatleano^ thedrtmlsmmcard 
rsador mxkk conprisir^ a ojmrrmmiiion mxMe forpama^sig srrmtwd-coTTplkrTt ccmmrtck 
jortrarsTrhsiantoap&soridtokma^^ USB- 
ayrplmit interfcuz and for tfrpzdziaTgsrrmtcaird'OCj^li^ rssponses itceked from the personal 
tcken 
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According to the Office Action, these features are disclosed as follows: 

As opposed to a physical smart card readerj a virtual smartcard reader 5 Is vlmjal hardware 
acting as an emulator that passes Informaiion to and ffom a Virtual Smart Card 6. Additionally, the 
Virtual Smart Card Reader 5 communicates ^th a Virtual Smart Card Server 8 (VSC Server) via a 
network e-g.» an Inoanetj Extranet, or the Intejnet. (col. 6j lines 38-45) 

The VSC Server 8 stores all protected information in its database (encrypted using the 
respective protection keys). "When a "Virtual Sniart Card owner inserts a Virtual Smart Card 6, the 
VSC server 8 downloads the protected infonnacion; and when the owner removes a Virtual Smart 
Card 6, the Virtual Smart Card 6 uploads the updated protected informatioft to the VSC Server 8. (coL 
6, line 38 thit>ugh coL 7, line 5) 

TTie Applicants respectfully traverse this rejection- As described above respect 
TO claim 3, Benson does nor disclose a virtual smartcaid reader having a coniinunication 
module packaging smartcard compliant commands to a personal token. As discbsed in 
Benson as follows, the "dongle" is used to authorize the execution of the Virtual Smart Card 
prognun; 

Figure 15 illustrates an alternative implementation of the Virtual Sman Card 6. This 
implemeniatlon does not require a VSC Server 8. 

Instead of communicating with the Virtual Smart Card Server 8 the Virtual Smart Card 
Reader 5 communicates with duplicaaon-proiecced physical media, e,g., aDon^e 1101. Aduplk:ation 
protected physical media 11 01 has the property that it is exceedingly difficult for an unauthorized 
attacker to construct a copy of the media 1101. Tbs: Virtual Smart Card 6 is a copyprotected program 
that executes Only If permitted by the Dongje 1101. If the end- user attaches the Dongle 1101 to the 
machine, then the Virmal Smart Cant 6 execijtes; otherwise, the Virtual Smart Card 6 stops. (coL 23, 
lines 31-44) 

Further, smartcard commands are not sent to either the Virtual Smart Card Server or 
the dongle. Instead, these entities act only as data repositories where protected data is stored 
and retrieved. There is no teaching to translate or package smartcard commands or 
responses. For the foregoing reasons, the Applicants respectfully traverse the rejection of 
claim 8. 

Wijii Respect to Qaims 14 and 15 ; According to the Office Action, claims 14 and 
15 are not allowable for the same reasons as claims 1 and 3, Tlie Applicants respectfully 
traverse for the reasons described with respect to claims 1 and 3, Qaim 15 also recites 
features not recited in claim 3 and is allowable on this basis as well. 

With Respect to Claim 16 : According to the Office Action, the Benson reference 
teaches the steps of accepting a startup query from the host computer operating system in 
the virtual smartcard reader* and providing an indication that a smartcard reader is 
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commmucatively coupled to the host computer to the host computer operating system as 
foUo'WS; 

Insert 104: The etid-user auaches the dongjc 1101 and boots the Vircual Smart Card 6 program. Tlie 
Virtual Smart Card 6 program does not operate unless the Vimial Smart Card 6 program can validate 
that the Dongle 1101 is preseni. The stare of the Vinual Smart Card 6 is in-use 102 after the Virtual 
Smart Card 6 detects the Dongle 1 101. This state is not explicitly recorded as in the case ^th the 
VSC Server 8. (col. 24, lines 8-16). 

The Applicants respectfully disagree that the foregoing discloses anything related to 

the acceptance of a smartcard queiy. 

With Respect to Claim 19 : Qaim 19 recites: 

A wti4dsmmc£mivdaderen^ conprising 
ajhfBtsmcncmdrmdererndmor^ irrplerrermimahanasnpt^ 

reader wemiaiis tothehcst 

asea^smmmtdtieackrermlatory inplermitedmapmondkey^f^ 

smtrtmrd reader cperadons to a sirmto^trd-mterfaoe corrpliaTit personal keypnxesson 

According to the Office Acrion, the foregoing features are discloses as follows: 

The Virtual Sman Caid Reader communicates with a Dongle (or some other duplication-protected 
physical media). A duplicatioihprotectcd physical media has the property that it is exceedingly 
difficult for an unauthorized attacker to construct a copy of the media. The Virtual Smart Card is a 
copy protected program that executes only if pcrmitccd by the Dongle. If the endruser attaches the 
Dongle to the machine, then the Virtual Smart Card executes; otherwise, the Virtual Smart Cord 
stops. (coL 4, lines 14-23) 



Insert 104: The end- user attaches the Dongle 1101 and boots the Vimial Sman Card 6 program. The 
Virtual Smart Card 6 program does not operate unless the Vircual Smart Cartl 6 program can validate 
that the Dongle 1101 is present. The state of the Virtual Smart Caid 6 is in-use 102 after the Virtual 
Smart Card 6 detects the Dongle 1101. This state is not explicitly recorded as In the case with tlie 
VSC Server 8. (col. 24, lines 8- 16) 

Of course, nothing in the foregoing text suggests a smartcard reader emulator in a 
personal key for emulating smartcard reader operations to a smartcard-compliant personal 
key processor. Accordingly, the Applicants traverse the rejection of claim 19. 
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IV. Dependent Qaims 

Dependem claims 2-7, 10-13, and 15-18 incorpotare the limitations of their related 
independent claims, and are therefore patentable on this basis. In addition, these claims 
recite novel elements even more remote from the cited references. Accordingly, the 
Applicants respectfully request that these claims be allo^d as well. 

V. Conclusion 

In view of the above, it is submitted that this application is now in good order for 
allowance and such allowance is respectfully solicited. Should the Examiner believe minor 
matters still remain that can be resolved in a telephone iateivieWj the Examiner is urged to 
call Applicants' undersigned attorney. 

Respectfully submitted, 

GATES & COOPER LIP 
Attorneys for ApplicanT(s) 

Howard Hughes Center 
6701 Center Drive West, Suite 1050 
Los Angeles, California 90045 
(310} 641-8797 



Date: January 6, 2004 By ^ 




Name: Virfor G. <Zboper 
Reg. No.: 39,641 

VGC/sjm 
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